summaryrefslogtreecommitdiff
path: root/netsniff-ng.c
AgeCommit message (Collapse)AuthorFilesLines
2013-09-30netsniff-ng: Display pcap I/O method in verbose modeTobias Klauser1-0/+3
If a user accidentially specifies more than one of --mm/--sg/--clrw, the option specified last will be used - as expected from standard command line tools. In order to still prevent users from being confused by this, explicitely display the pcap I/O method used in verbose mode. In order for the output to be more user-friendly, actually write out the method names in const char *pcap_ops_group_to_str, which isn't used anywhere else anyway. Suggested-by: Jon Schipp <jonschipp@gmail.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-09-02netsniff-ng: Remove unnecessary fmemset() of struct statTobias Klauser1-1/+0
The struct stat is filled by the call to stat(2) in the next line, so there is no need to explicitely set it to 0 before. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-08-30netsniff-ng: Simplify dump file creation logicTobias Klauser1-9/+5
Instead of using goto, just check stats if stat() returned 0 and used ctx->dump_dir afterwards. This makes the logic a bit easier to follow. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-08-19netsniff-ng: poll: don't panic on EINTRDaniel Borkmann1-4/+8
When signal occurs, don't panic on EINTR, rather gracefully return. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-08-12netsniff-ng: Check return value of poll()Tobias Klauser1-3/+7
The return value of two calls to poll() are never check, despite the (unlikely) possibility of them returning an error, fix it by checking the return value and panic()ing on error. This issue was discovered using the Coverity scanner. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-08-09dev: Integrate `promisc' module into `dev' moduleTobias Klauser1-5/+5
Since entering/leaving promiscuous mode also is a device specific function and all users of the `promisc' module also use `dev', integrate it there. Also rename the functions to have a `device_' prefix like the other functions in the module. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-08-09netsniff-ng: Fix compiler warningTobias Klauser1-1/+1
Fix the following compiler warning that occurs when building with "-W -Wall -Wextra" by introducing a cast: netsniff-ng.c: In function ‘walk_t3_block’: netsniff-ng.c:841:8: warning: comparison between signed and unsigned integer expressions [-Wsign-compare] Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-08-09mac80211.c: Remove or mark unused function parametersTobias Klauser1-2/+2
Compiling with "-W -Wall -Wextra" reveals the following warnings in mac80211.c: mac80211.c: In function ‘nl80211_init’: mac80211.c:78:67: warning: unused parameter ‘device’ [-Wunused-parameter] mac80211.c: In function ‘nl80211_wait_handler’: mac80211.c:106:48: warning: unused parameter ‘msg’ [-Wunused-parameter] mac80211.c: In function ‘nl80211_error_handler’: mac80211.c:115:54: warning: unused parameter ‘nla’ [-Wunused-parameter] mac80211.c:117:12: warning: unused parameter ‘arg’ [-Wunused-parameter] mac80211.c: In function ‘nl80211_del_mon_if’: mac80211.c:181:72: warning: unused parameter ‘device’ [-Wunused-parameter] Fix them by either marking them as unused (where we need to conform to library APIs or remove them alltogether (for our own APIs). For the function leave_rfmon_mac80211() the according users (netsniff-ng and trafgen) are also changed. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-07-13pcap_io: Remove unused parameter sll from pcap_pkthdr_to_tpacket_hdr()Tobias Klauser1-3/+2
The sll parameter is not used anywhere in the function, so remove it. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-07-13sparse: netsniff-ng, trafgen: fix remaining time(0) warningsDaniel Borkmann1-2/+2
Those are the last occurences of warnings like: netsniff-ng.c:697:48: warning: Using plain integer as NULL pointer netsniff-ng.c:726:48: warning: Using plain integer as NULL pointer ... Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-07-12bpf_comp: pass NEED_TCPDUMP_LIKE_FILTER through gccDaniel Borkmann1-2/+0
We have to pass NEED_TCPDUMP_LIKE_FILTER define through gcc as it otherwise is not possible to let the pcap compiler invoke through netsniff-ng, but not through astraceroute. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-07-11netsniff-ng: fix recognition of -U command line optionDaniel Borkmann1-1/+1
"-U" has been forgotten to add into shortopts. "--update" works as expeceted however. So simply add "U". Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-07-09configure: fix multiple issues in build configurationDaniel Borkmann1-0/+2
This patch is a bundle of multiple fixes. 1) Fix compilation of astraceroute when HAVE_LIBPCAP=1: astraceroute doesn't need libpcap, so add an additional guard/define to bpf.h and bpf_comp.c and netsniff-ng.c. Also since we generate a config.h file, we do not need to have this additional compile flag anymore. 2) Fix tstamping.{h,c} to use the configure script instead of the Makefile. For doing this, also fix the object inclusion in netsniff-ng/Makefile. Last but not least, rename __WITH_... into HAVE_... as this is more clean. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-07-09all: show git id in --version informationDaniel Borkmann1-2/+4
In order to be able to better track regressions or to give support, let us track the Git id as well in version information. This makes the ``--version'' switch actually useful. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-07-03netsniff-ng: ctx: init and destruct methods for ctxDaniel Borkmann1-18/+33
Refactor ctx initialization and destruction into separate handlers. That is more clean. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-07-03pcap: invoke dev->type to pcap linktype mapperDaniel Borkmann1-1/+2
Invoke dev->type to pcap linktype mapper in order to write a correct pcap file header for various link types. Also fix two bugs in pcap file header parsing and print a warning with the magic link number in case of an unknown link type. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-25netsniff-ng: tpacketv3: 'fix' packet accounting outputDaniel Borkmann1-2/+2
In netsniff-ng, we use tpacketv3 for capturing-only mode. The issue observed lately is that when using f.e. -n10 or capturing a pcap and then quitting, the pcap or actually seen number of packets are less than what the statistics tell us from getsockopt(2). This is due to the fact that tpacketv3 divides its ring buffer into blocks of frames. Meaning, while we are traversing block n, the kernel already fills up block n+1 and following if new packets arrive. While doing so, it increments packet counters. Thus, when we ^C, we haven't seen those blocks, so the stats tell us mostly a slightly higher result. Fix this by adjusting socket stats printing to this fact. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-14netsniff-ng: Report if HW timestamping is enabledTobias Klauser1-1/+3
Until now we didn't check the return value of set_sockopt_hwtimestamp() and the Coverity scanner complained about it, so use it's return value to report if timstamping is actually enabled in verbose mode. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-06-12ioops: misc: add dup{,2}_or_die to ioopsDaniel Borkmann1-4/+4
Bail out if it should ever fail. Detected by coverty in the translate_pcap_to_txf() path. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-12netsniff-ng: walk_t3_block: prevent fd from double closeDaniel Borkmann1-4/+4
Only close the very first pcap file of multi-pcap files once, and not once during next_multi_pcap_file and once during exit. Discovered by Coverty scanner. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04tstamping: add header file for packet timestampingDaniel Borkmann1-2/+1
Better add a header file for this, so that we do not need to have it in multiple places declared. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04xutils: eliminate xutils, move rest to epoll2Daniel Borkmann1-1/+0
Finally eliminate xutils.{c,h} and move the rest to epoll2. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04timer: add time management functionsDaniel Borkmann1-0/+1
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04sig: add signal handling functionsDaniel Borkmann1-0/+1
Add an extra file for signal handling functions. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04sock: add socket management functionsDaniel Borkmann1-0/+1
Remove them from xutils, and add them to socket management. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04proc: move out process specific management functionsDaniel Borkmann1-2/+3
Move them out of xutils, so that we can maintain them separately. Also simplify things a bit. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04privs: move drop_privileges out of xutilsDaniel Borkmann1-0/+1
Again, also to be able to maintain this more easily. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04xutils: break out promisc mode functionsDaniel Borkmann1-0/+1
Put them separately for the sake of maintanence. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04irq: rename device_bind_irq_to_cpu to device_set_irq_affinityDaniel Borkmann1-2/+2
This is more appropriate and consistent with other device irq functions. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04xio: rename xio to ioops and reduce its includesDaniel Borkmann1-1/+1
Rename xio to ioops (io-ops) and boil its include files down to a minimum. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04xio: add ioexact operationsDaniel Borkmann1-4/+1
Break this out so that we only need to have sigint non-static where it is really needed. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04xutils: break out string handling and lockingDaniel Borkmann1-0/+2
Break out all string handling functions and lockme stuff in order to further eliminate the big code blob in xutils, so that it can be easier maintained. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-03netsniff-ng: v3: fix packet accounting on --numDaniel Borkmann1-7/+8
We need to carry frame_count through multiple calls of walk function to account correctly for --num <pkts>. Also, move socket stats printing into rx ring, since it belongs there. Todo: the kernel socket seems to have a different count that what we see. This needs to be fixed one way or the other. Not yet sure what's causing this. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-03irq: break out from xutils and save + restoreDaniel Borkmann1-1/+2
Break out IRQ functionality from xutils, simplify it, and save + restore IRQ affinity list. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-31netsniff-ng: minor: update help descriptionDaniel Borkmann1-3/+3
Give -J a lower prio in the help option ranking and state that its only for replay or forwarding. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-31netsniff-ng: enable jumbo frames on default in tpacket_v3Daniel Borkmann1-4/+4
Since frames are stored more compressed and contiguous, we can also enable jumbo support in pcap dumps by default, since we have no further restrictions in terms of ring buffer frame size. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-31ring: netsniff-ng: migrate capture only to TPACKET_V3Daniel Borkmann1-75/+79
Lets migrate capturing to TPACKET_V3, since it will bring a better performance due to fewer page cache misses caused by a higher density of packets, since now they are contigous placed in the ring buffer. It is said that TPACKET_V3 brings the following benefits: *) ~15 - 20% reduction in CPU-usage *) ~20% increase in packet capture rate *) ~2x increase in packet density *) Port aggregation analysis *) Non static frame size to capture entire packet payload Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-31ring: setup frame structure for v2/v3 in a generic wayDaniel Borkmann1-4/+4
Prepare TPACKET_V3 for allowing to transparently setting up the frame structure such that we do not need to change much in the netsniff-ng/trafgen code. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-30ring: prepare setup_rx_ring_layout for support in v2/v3Daniel Borkmann1-2/+2
Prepare setup_rx_ring_layout for both, v2 and v3. Also do some checks during compile time if offsets stay the same as we operate on different union mappings. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-30netsniff-ng: Add __maybe_unused attribute to timer functionsTobias Klauser1-3/+2
The two functions timer_elapsed() and timer_next_dump() both take an argument which they don't use. Annotate them appropriately using the __maybe_unused attribute. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-05-23make: include build nameDaniel Borkmann1-1/+1
Include long version string into tools when called with --version. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-17netsniff-ng: Add __noreturn attribute to exiting functionsTobias Klauser1-2/+2
Add the __noreturn attribute to all functions which wont return but call die() themselves to exit(). Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-05-15man: trafgen: Minor fixesTobias Klauser1-1/+1
Replace "on default" by "by default", make it a bit more clear what the seed in the -E/--seed option is for and mention exit after display of information on --version and --help. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-05-13ring: break out timestamping since not directly relatedDaniel Borkmann1-0/+2
Break out the timestamping part of the ring.h file, since it's not directly related to the {t,r}x_ring. Also inlining doesn't make sense here. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-04-23netsniff-ng: remove set_sockopt_hwtimestamp callDaniel Borkmann1-1/+0
For TX this call is completly useless and has no effect whatsoever. Therefore, remove it. For the RX part, this call makes perfect sense, not for the other one currently. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-04-11netsniff-ng: mlock: only lock current and future pages when rootDaniel Borkmann1-2/+4
When we're still root, we tell the kernel to lock/protect all current and future pages in memory so that they will not be swapped out in case the system uses up too much. Now when we do xzmalloc_aligned(), it calls internally posix_memalign() that can call mmap(2), thus we will get an EAGAIN as errno, since we're not root anymore and since we wanted to touch sth. that belongs to root. Nasty. Fix this up by only protecting these pages when we do not use -u/-g. Reported-by: Doug Burks <doug.burks@gmail.com> Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-04-09pcap_io: introduce init_once helper that is called with priviledgesDaniel Borkmann1-0/+9
When using netsniff-ng with dropping priviledges, we have to introduce another pcap helper function that is called once before we drop the priviledges. In this function we have to invoke the disc I/O scheduler policy, because it needs priviledges. Otherwise netsniff-ng will fail with "Failed to set io prio for pid" on startup, since we're not root anymore. Reported-by: Doug Burks <doug.burks@gmail.com> Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-04-06netsniff-ng: also capture if NIC is currently downDaniel Borkmann1-5/+0
There is actually no reason why netsniff-ng should fail if the NIC is down at startup. We still can setup everything and already capture at the time it goes up. This might be useful when replugging cables on servers, for instance. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-03-28ring: purge timer before we unmap tx ring buffersDaniel Borkmann1-0/+19
If we unmap TX ring buffers and still have timer shots that trigger the kernel to traverse the TX_RING, it can send out random crap in some situations. Prevent this by destroying the timer and flush the TX_RING first in wait mode. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-03-16netsniff-ng: if we cannot get intermediate pcap statistics, panicDaniel Borkmann1-1/+5
Before we do calculations on statistics, check if we really got them. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>